Privacy Policy LeadRadar.ro

Last updated: December 12, 2025

This Privacy Policy explains how Mihai Enache Consultancy SRL ("We", "LeadRadar.ro", "Company") collects, uses, stores, and protects personal data in connection with:

  • the LeadRadar.ro website
  • the LeadRadar SaaS platform (user accounts)
  • B2B database / lead generation services and associated functionalities

This Policy supplements the LeadRadar.ro Terms and Conditions. In case of conflict, the special provisions in this Policy regarding data protection will prevail over general provisions regarding service operations.

1. Who we are and contact details

Data Controller:

Mihai Enache Consultancy SRL

Address: Str. Episcopul Vulcan no. 103, apt. 2, Sector 1, Bucharest

Trade registry no. / year: J40/3412/2018

Tax ID: RO 39002651

Contact email: mihai@growthmind.ro

2. Scope of application – who is affected

This Policy applies to:

  • Users / customers of LeadRadar.ro (individuals or representatives of legal entities);
  • B2B contact persons (e.g. managers, directors, specialists) whose professional data is accessed through the Platform, via third-party operators such as Apollo;
  • Website visitors of LeadRadar.ro (including cookies and analytics).

The Policy does NOT address ordinary B2C consumers, but primarily professionals and companies from the business environment.

3. What types of data we collect

3.1. Data for account creation and management

When you create an account on LeadRadar.ro or represent a client company, we may collect:

  • First name, last name
  • Business email address
  • Phone number (optional / if provided)
  • Password (stored encrypted)
  • Company name, position/role
  • Billing data (company name, tax ID, address, registration number, contact person)

3.2. Platform usage data

During use of the Platform, we collect:

  • authentication logs (IP, device, access time);
  • actions performed in the Platform (searches, unlocked contacts, exports, lists created);
  • technical information (browser, operating system, errors).

This data helps us ensure security, auditing, and product improvement.

3.3. B2B Contact Data (via third-party operators, e.g. Apollo)

For B2B contact data, we act as a technical intermediary:

  • When you request contact unlocking in LeadRadar, the request is transmitted via API to one or more specialized operators (e.g. Apollo), which provide the respective data (name, role, company, business email, phone, LinkedIn profile, sector, etc.).
  • These operators own and manage the primary database and assume their own GDPR compliance.

In this context, we may store and display in your account:

  • professional data of contact persons (strictly B2B);
  • contact status (unlocked/used, lists, internal notes).

3.4. Data about companies from public sources and via AI

For companies, we mainly use:

  • public sources (e.g.: mfinante.gov.ro, data.gov.ro and other public registries / sites);
  • open online sources (company website, press releases, news, etc.);
  • AI platforms that search and synthesize the latest public information about companies (e.g.: snapshots, challenges, developments, news).

Data may include: company name, tax ID, address, turnover, profit, field of activity, number of employees, significant public events, etc.

3.5. Payment and billing data

If you have a paid subscription, we process:

  • billing data (company, tax ID, address, contact person);
  • summary information about payments (subscription plan, amount, payment date, status);
  • possibly, transaction identifiers from the payment operator (without storing the full card number, if using an external processor).

3.6. Communications and marketing

When you contact us or subscribe to newsletter / communications, we process:

  • name, email, company;
  • content of messages / questions;
  • communication preferences (subscribed / unsubscribed).

4. Purposes and legal bases of processing

We process data primarily for:

1. Providing LeadRadar.ro Services

  • account creation and management;
  • access to B2B database through third-party operators;
  • export and CRM integration.

Legal basis: contract performance (Art. 6(1)(b) GDPR).

2. Billing, payments and accounting records

Legal basis: legal obligations (Art. 6(1)(c)) and legitimate interest.

3. Customer communication and technical support

  • answering questions, assistance;
  • notifications regarding changes to platform, security or terms.

Legal basis: contract performance and legitimate interest.

4. B2B marketing and commercial communications to customers / potential customers

  • newsletter, offers, demo/webinar invitations;
  • feature recommendations, plans or additional services.

Legal basis: legitimate interest (B2B marketing) and/or consent, as applicable, with respect to electronic communications rules and opt-out.

5. Intermediation of access to B2B Contact Data

  • transmission of unlock requests via API to third-party operators (e.g. Apollo);
  • display and storage of contact data in the platform.

Legal basis: legitimate interest in facilitating B2B communication and contract performance with our customers (provision of lead generation service).

6. Analysis, service improvement and security

  • statistics on usage;
  • abuse prevention (e.g. mass scraping, unauthorized access);
  • product and performance optimization.

Legal basis: legitimate interest.

7. Compliance with legal obligations and defense of rights

  • compliance with tax legislation and other legal obligations;
  • handling any complaints or disputes.

Legal basis: legal obligation and legitimate interest.

5. Cookies and similar technologies

The LeadRadar.ro website and platform may use cookies and similar technologies for:

  • essential functionalities (authentication, session maintenance);
  • traffic analysis (e.g. Google Analytics or other tools);
  • personalization and marketing.

We will display, where appropriate, a cookie banner that allows you to:

  • accept/reject certain categories of cookies;
  • withdraw your consent.

Additional details may be included in a separate Cookie Policy.

6. Where we get the data from

We collect data:

  • directly from you – when you create an account, contact us, complete forms, use the platform;
  • from the company you represent – if your account is created by your colleagues;
  • from public sources – public registries, official websites, press releases, news;
  • from specialized operators – e.g. Apollo and other B2B data providers, when you request contact unlocking;
  • from analytics and AI tools – that process public content to generate snapshots or reports about companies.

7. Who has access to data (recipients and processors)

We may communicate data to:

  • IT infrastructure and cloud hosting providers (servers, databases, backup);
  • CRM / integration providers (if you choose to connect LeadRadar to your CRM);
  • Email and communication service providers (for sending notifications and newsletters);
  • B2B data operators (e.g. Apollo) – for B2B Contact Data that you request through the platform;
  • Payment processing providers (if you use a paid subscription);
  • External consultants (lawyers, accountants, auditors) to the extent data access is necessary;
  • Public authorities if we are legally obliged.

With all service providers acting as data processors we enter into data processing agreements (DPA) and ensure they meet the necessary security standards.

8. Data transfers outside the EEA

Certain providers (e.g. B2B platforms such as Apollo, cloud or email services) may have their headquarters or servers outside the European Economic Area (EEA).

In such cases, we rely on:

  • adequacy decisions of the European Commission (if available); and/or
  • Standard Contractual Clauses and other appropriate safeguards.

You can request more information about these transfers by contacting us at the email address indicated in section 1.

9. How long we keep the data

The retention period depends on the type of data and purpose:

  • Account and usage data: generally, for the duration of the contract + a reasonable period (e.g. 3 years) for defense of rights and internal archives;
  • Billing data: according to tax legislation (usually 5–10 years);
  • Technical and security logs: limited period, e.g. 6–24 months, depending on risk level and legal obligations;
  • Data used for B2B marketing: until unsubscribe / objection or until we consider them no longer relevant (e.g. if there is no longer a relationship with the customer or if the email is no longer valid);
  • Data from public sources: as long as necessary for service operation and as long as the information is public and relevant.

When we no longer have a legal basis for retaining data, we will delete or anonymize it.

10. Data subject rights

Within the limits provided by GDPR, you have the following rights:

  1. Right of access – to know what data we process about you.
  2. Right to rectification – to request correction of inaccurate data or completion of incomplete data.
  3. Right to erasure ("right to be forgotten") – in certain situations (e.g. we no longer have a legal basis for processing).
  4. Right to restriction of processing – in cases provided by GDPR.
  5. Right to data portability – for data you provided us and which is processed by automated means, based on consent or contract.
  6. Right to object – especially for processing based on legitimate interest, including for direct marketing.
  7. Right to withdraw consent – where we rely on consent (e.g. certain types of marketing or cookies). Withdrawal does not affect processing already performed.

To exercise these rights, you can contact us at: . We will respond, as a rule, within 30 days.mihai@growthmind.ro.

If you believe your rights have been violated, you have the right to contact:

  • The National Supervisory Authority for Personal Data Processing (ANSPDCP) or
  • the competent courts.

11. How we protect data

We take appropriate technical and organizational measures to protect data, such as:

  • system access control (users, passwords, roles);
  • secure storage on protected servers;
  • periodic data backup;
  • limiting employee and collaborator access only to strictly necessary data;
  • contracts and confidentiality clauses with suppliers and processors.

No solution can guarantee absolute security, but we are committed to acting promptly in case of security incidents and, if applicable, to notify authorities and data subjects in accordance with legislation.

12. Minors' data

LeadRadar.ro is exclusively intended for use in the business environment (B2B) and is not addressed to minors. We do not intentionally collect data about persons under 18 years of age. If we learn that we have collected such data, we will delete it reasonably quickly.

13. Changes to the Privacy Policy

We reserve the right to update this Policy to reflect:

  • changes to services;
  • legislative changes;
  • recommendations of supervisory authorities.

We will post the updated version on LeadRadar.ro, mentioning the date of the last update. Continued use of the services after publication of a new version means acceptance of those changes.

Privacy Policy | LeadRadar